The Info Sec Tech Lead Analyst is a senior level professional position responsible for driving efforts to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's data security policy. The candidate's primary responsibility is to manage and provide overall governance for the Security Analytics Services organization (Standards and Compliance). This person must understand the high-level principles around software development lifecycle and must be able to capture and articulate requirements and progress clearly. There is a lot of documentation involved in this process, which will be also the responsibility of the candidate to deliver. This is technical management position and knowledge requirements are aligned to Linux scripting and creation of dashboards in Splunk for reporting compliance items, monthly project tracking, etc. This role is in the Cyber Security space and it is expected the candidate to understand the fundamentals of Information Security.

Responsibilities:

• Identify opportunities to automate and standardize information security controls and for the supported groups
• Resolve any vulnerabilities or issues detected in an application or infrastructure
• Analyze source code to mitigate identified weaknesses and vulnerabilities within the system
• Review and validate automated testing results and prioritize actions that resolve issues based on overall risk
• Scan and analyze applications with automated tools, and perform manual testing if necessary
• Reduce risk by analyzing the root cause of issues, their impact, and required corrective actions
• Direct the development and delivery of secure solutions by coordinating with business and technical contacts
• Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency.

Qualifications:

• 10+ years of relevant experience
• Must be able to clearly understand and articulate the business requirements
• Must have a great knowledge on project management tools, Jira and Confluence
• Scripting on Bash or Python or Perl is required
• Experience dealing with business pressure and strict timelines
• Previous experience in the SIEM space is required (ArcSight and Splunk ES)
• Management of small or large teams aligned to governance is required
• Excellent communication skills and experience working with stakeholders to drive end to end resolution
• Must be a self-starter and be able to manage their time against deliverables
• Splunk certification is mandatory
• CISSP certification is a plus; it will be required to be taken at a later stage
• Proficient with Microsoft Office products including Visio, Word and Excel
• Advanced written and verbal communication skills

Education:

• Bachelor’s degree/University degree or equivalent experience
• Master’s degree preferred

This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required